I was wondering when a reporter would uncover this.
-
@GossiTheDog bitlocker in all enterprise implementations I have seen always felt more like security theatre than actual security. Sure it was gonna keep a thief of opportunity out of your files, but anyone with more resources could get around it
@Killertomato @GossiTheDog when reading about privacy violation enforcement actions by the FTC there were a lot that would have been resolved by this. Laptops full of patient data stolen from a car, etc.
Honestly it probably mitigates most crimes where an encrypted hard drive avoids the risk. Not all. And not all the non-crime related reasons people care about privacy
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog Another reason I do not use Microsoft. I am forced at work to use it but i try as many work around to avoid it as much as possible. Only another 450 days left of being forced to use it.
-
@squillace well, it's part of how Windows works with Microsoft (online) accounts at least since Windows 8.1 (I had to recover an encryption key to help someone reset their Surface device and I got it through their user account, a Microslop support rep back then told me that they couldn't help if there wasn't a cloud backup, the key wasn't accessible to the user without it). So users don't really have a choice in the matter (no access to key at all, or have it on Microslop's cloud).
@Infoseepage @GossiTheDog@jt_rebelo @Infoseepage @GossiTheDog that is precisely the point. you CAN possess and NOT backup your keys in a cloud. But sure, it makes it easy for msft to help you out in a pinch. But MSFT could upload an encrypted version -- they do not offer that. Unfortunately.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog Bloody Nora!
-
@GossiTheDog What's amazing to me is how many people have sleepwalked into having their user profile synced to Microsoft's servers. Super bad idea for any number of reasons.
@Infoseepage @GossiTheDog Corporations can't be trusted.They prove that over and over.
-
@jt_rebelo @Infoseepage @GossiTheDog that is precisely the point. you CAN possess and NOT backup your keys in a cloud. But sure, it makes it easy for msft to help you out in a pinch. But MSFT could upload an encrypted version -- they do not offer that. Unfortunately.
@jt_rebelo @Infoseepage @GossiTheDog altneratively, they could store it in the TEE encrypted drive now, but again, they don't offer that. MSFT can't touch that one. But you have to know; normal users obviously do not.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog uploading the BitLocker recovery keys to the MS cloud is not default behavior, is it? Even the Forbes article states that you can opt-out of it (or do you even have to opt-in?).
-
@GossiTheDog uploading the BitLocker recovery keys to the MS cloud is not default behavior, is it? Even the Forbes article states that you can opt-out of it (or do you even have to opt-in?).
@christopherkunz @GossiTheDog if you have to to opt out, that makes it default behaviour by definition.
-
@christopherkunz @GossiTheDog if you have to to opt out, that makes it default behaviour by definition.
@jkmcnk Yup, certainly. Firing up my win machine now to see what's up with that.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog IT admins everywhere should have started exploring viable alternatives the second Candy Crush showed up in Windows Enterprise.
If the FBI can obtain someone's Bitlocker keys, that means malicious actors can, too.
There is no such things as a backdoor for only the good guys.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/It's not a flaw. It's a feature. For authority and Microslop.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog
Maybe that's why our IT department didn't bother to require bitlocker encryption on storage devices I plug into my new PC (actually, I think it was just an oversight).
Anyway it makes my job easier because I occasionally need to exchange data with really old applications on an unconnected XP laptop which can't run bitlocker. -
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog You know those video's with "Wait for it!"? This is the one. I know this not an option for everyone but I love the combination of Linux and LUKS file-systems. Oh and if you don't hit bootselect at power-on, my machines boot into a small and clean Windows. Good luck with that.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/Lesson: Never trust cloud-based encryption systems from any company.
-
I was wondering when a reporter would uncover this.
So BitLocker is super secure, right? Well... BitLocker recovery keys are backed up to Microsoft's Cloud - and they give them out to law enforcement on request. Using the BitLocker recovery key, you can just unlock the device without a PIN etc.
https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/@GossiTheDog EVERY US corporation is an extension of the US government since the Patriot Act. Whatever the government says, they must comply, and they can't talk about it. According to the law.
